railties 7.0.8 → 7.2.0

data/lib/rails/application/finisher.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "set"
 require "active_support/core_ext/string/inflections"
 require "active_support/core_ext/array/conversions"
 require "active_support/descendants_tracker"
@@ -11,22 +12,27 @@ module Rails
       include Initializable
 
       initializer :add_generator_templates do
-        config.generators.templates.unshift(*paths["lib/templates"].existent)
+        ensure_generator_templates_added
       end
 
       initializer :setup_main_autoloader do
         autoloader = Rails.autoloaders.main
 
+        # Normally empty, but if the user already defined some, we won't
+        # override them. Important if there are custom namespaces associated.
+        already_configured_dirs = Set.new(autoloader.dirs)
+
         ActiveSupport::Dependencies.autoload_paths.freeze
         ActiveSupport::Dependencies.autoload_paths.uniq.each do |path|
           # Zeitwerk only accepts existing directories in `push_dir`.
           next unless File.directory?(path)
+          next if already_configured_dirs.member?(path.to_s)
 
           autoloader.push_dir(path)
           autoloader.do_not_eager_load(path) unless ActiveSupport::Dependencies.eager_load?(path)
         end
 
-        unless config.cache_classes
+        if config.reloading_enabled?
           autoloader.enable_reloading
           ActiveSupport::Dependencies.autoloader = autoloader
 
@@ -72,9 +78,10 @@ module Rails
         if config.eager_load
           ActiveSupport.run_load_hooks(:before_eager_load, self)
           Zeitwerk::Loader.eager_load_all
+          Rails.eager_load!
           config.eager_load_namespaces.each(&:eager_load!)
 
-          unless config.cache_classes
+          if config.reloading_enabled?
             app.reloader.after_class_unload do
               Rails.autoloaders.main.eager_load
             end
@@ -125,10 +132,7 @@ module Rails
         else
           # Default concurrency setting: enabled, but safe
 
-          unless config.cache_classes && config.eager_load
-            # Without cache_classes + eager_load, the load interlock
-            # is required for proper operation
-
+          if config.reloading_enabled?
             app.executor.register_hook(InterlockHook, outer: true)
           end
         end
@@ -157,6 +161,7 @@ module Rails
         reloader.eager_load = app.config.eager_load
         reloader.execute
         reloaders << reloader
+
         app.reloader.to_run do
           # We configure #execute rather than #execute_if_updated because if
           # autoloaded constants are cleared we need to reload routes also in
@@ -169,7 +174,10 @@ module Rails
           # some sort of reloaders dependency support, to be added.
           require_unload_lock!
           reloader.execute
+          ActiveSupport.run_load_hooks(:after_routes_loaded, self)
         end
+
+        ActiveSupport.run_load_hooks(:after_routes_loaded, self)
       end
 
       # Set clearing dependencies after the finisher hook to ensure paths
@@ -181,39 +189,48 @@ module Rails
           ActiveSupport::Dependencies.clear
         end
 
-        if config.cache_classes
-          app.reloader.check = lambda { false }
-        elsif config.reload_classes_only_on_change
-          app.reloader.check = lambda do
-            app.reloaders.map(&:updated?).any?
+        if config.reloading_enabled?
+          if config.reload_classes_only_on_change
+            app.reloader.check = lambda do
+              app.reloaders.map(&:updated?).any?
+            end
+          else
+            app.reloader.check = lambda { true }
           end
         else
-          app.reloader.check = lambda { true }
+          app.reloader.check = lambda { false }
         end
 
-        if config.cache_classes
-          # No reloader
-          ActiveSupport::DescendantsTracker.disable_clear!
-        elsif config.reload_classes_only_on_change
-          reloader = config.file_watcher.new(*watchable_args, &callback)
-          reloaders << reloader
-
-          # Prepend this callback to have autoloaded constants cleared before
-          # any other possible reloading, in case they need to autoload fresh
-          # constants.
-          app.reloader.to_run(prepend: true) do
-            # In addition to changes detected by the file watcher, if routes
-            # or i18n have been updated we also need to clear constants,
-            # that's why we run #execute rather than #execute_if_updated, this
-            # callback has to clear autoloaded constants after any update.
-            class_unload! do
-              reloader.execute
+        if config.reloading_enabled?
+          if config.reload_classes_only_on_change
+            reloader = config.file_watcher.new(*watchable_args, &callback)
+            reloaders << reloader
+
+            # Prepend this callback to have autoloaded constants cleared before
+            # any other possible reloading, in case they need to autoload fresh
+            # constants.
+            app.reloader.to_run(prepend: true) do
+              # In addition to changes detected by the file watcher, if routes
+              # or i18n have been updated we also need to clear constants,
+              # that's why we run #execute rather than #execute_if_updated, this
+              # callback has to clear autoloaded constants after any update.
+              class_unload! do
+                reloader.execute
+              end
+            end
+          else
+            app.reloader.to_complete do
+              class_unload!(&callback)
             end
           end
         else
-          app.reloader.to_complete do
-            class_unload!(&callback)
-          end
+          ActiveSupport::DescendantsTracker.disable_clear!
+        end
+      end
+
+      initializer :enable_yjit do
+        if config.yjit && defined?(RubyVM::YJIT.enable)
+          RubyVM::YJIT.enable
         end
       end
     end

data/lib/rails/application.rb

@@ -4,12 +4,12 @@ require "yaml"
 require "active_support/core_ext/hash/keys"
 require "active_support/core_ext/object/blank"
 require "active_support/key_generator"
-require "active_support/message_verifier"
+require "active_support/message_verifiers"
+require "active_support/deprecation"
 require "active_support/encrypted_configuration"
 require "active_support/hash_with_indifferent_access"
 require "active_support/configuration_file"
 require "rails/engine"
-require "rails/secrets"
 require "rails/autoloaders"
 
 module Rails
@@ -26,7 +26,7 @@ module Rails
   #
   # Besides providing the same configuration as Rails::Engine and Rails::Railtie,
   # the application object has several specific configurations, for example
-  # +cache_classes+, +consider_all_requests_local+, +filter_parameters+,
+  # +enable_reloading+, +consider_all_requests_local+, +filter_parameters+,
   # +logger+, and so forth.
   #
   # Check Rails::Application::Configuration to see them all.
@@ -70,6 +70,8 @@ module Rails
       def inherited(base)
         super
         Rails.app_class = base
+        # lib has to be added to $LOAD_PATH unconditionally, even if it's in the
+        # autoload paths and config.add_autoload_paths_to_load_path is false.
         add_lib_to_load_path!(find_root(base.called_from))
         ActiveSupport.run_load_hooks(:before_configuration, base)
       end
@@ -101,7 +103,7 @@ module Rails
     delegate :default_url_options, :default_url_options=, to: :routes
 
     INITIAL_VARIABLES = [:config, :railties, :routes_reloader, :reloaders,
-                         :routes, :helpers, :app_env_config, :secrets] # :nodoc:
+                         :routes, :helpers, :app_env_config] # :nodoc:
 
     def initialize(initial_variable_values = {}, &block)
       super()
@@ -111,7 +113,9 @@ module Rails
       @app_env_config    = nil
       @ordered_railties  = nil
       @railties          = nil
-      @message_verifiers = {}
+      @key_generators    = {}
+      @message_verifiers = nil
+      @deprecators       = nil
       @ran_load_hooks    = false
 
       @executor          = Class.new(ActiveSupport::Executor)
@@ -149,15 +153,53 @@ module Rails
       routes_reloader.reload!
     end
 
-    # Returns the application's KeyGenerator
-    def key_generator
+    # Returns a key generator (ActiveSupport::CachingKeyGenerator) for a
+    # specified +secret_key_base+. The return value is memoized, so additional
+    # calls with the same +secret_key_base+ will return the same key generator
+    # instance.
+    def key_generator(secret_key_base = self.secret_key_base)
       # number of iterations selected based on consultation with the google security
       # team. Details at https://github.com/rails/rails/pull/6952#issuecomment-7661220
-      @caching_key_generator ||= ActiveSupport::CachingKeyGenerator.new(
+      @key_generators[secret_key_base] ||= ActiveSupport::CachingKeyGenerator.new(
         ActiveSupport::KeyGenerator.new(secret_key_base, iterations: 1000)
       )
     end
 
+    # Returns a message verifier factory (ActiveSupport::MessageVerifiers). This
+    # factory can be used as a central point to configure and create message
+    # verifiers (ActiveSupport::MessageVerifier) for your application.
+    #
+    # By default, message verifiers created by this factory will generate
+    # messages using the default ActiveSupport::MessageVerifier options. You can
+    # override these options with a combination of
+    # ActiveSupport::MessageVerifiers#clear_rotations and
+    # ActiveSupport::MessageVerifiers#rotate. However, this must be done prior
+    # to building any message verifier instances. For example, in a
+    # +before_initialize+ block:
+    #
+    #   # Use `url_safe: true` when generating messages
+    #   config.before_initialize do |app|
+    #     app.message_verifiers.clear_rotations
+    #     app.message_verifiers.rotate(url_safe: true)
+    #   end
+    #
+    # Message verifiers created by this factory will always use a secret derived
+    # from #secret_key_base when generating messages. +clear_rotations+ will not
+    # affect this behavior. However, older +secret_key_base+ values can be
+    # rotated for verifying messages:
+    #
+    #   # Fall back to old `secret_key_base` when verifying messages
+    #   config.before_initialize do |app|
+    #     app.message_verifiers.rotate(secret_key_base: "old secret_key_base")
+    #   end
+    #
+    def message_verifiers
+      @message_verifiers ||=
+        ActiveSupport::MessageVerifiers.new do |salt, secret_key_base: self.secret_key_base|
+          key_generator(secret_key_base).generate_key(salt)
+        end.rotate_defaults
+    end
+
     # Returns a message verifier object.
     #
     # This verifier can be used to generate and verify signed messages in the application.
@@ -165,27 +207,36 @@ module Rails
     # It is recommended not to use the same verifier for different things, so you can get different
     # verifiers passing the +verifier_name+ argument.
     #
+    # For instance, +ActiveStorage::Blob.signed_id_verifier+ is implemented using this feature, which assures that
+    # the IDs strings haven't been tampered with and are safe to use in a finder.
+    #
+    # See the ActiveSupport::MessageVerifier documentation for more information.
+    #
     # ==== Parameters
     #
     # * +verifier_name+ - the name of the message verifier.
     #
     # ==== Examples
     #
-    #     message = Rails.application.message_verifier('sensitive_data').generate('my sensible data')
-    #     Rails.application.message_verifier('sensitive_data').verify(message)
-    #     # => 'my sensible data'
-    #
-    # See the ActiveSupport::MessageVerifier documentation for more information.
+    #     message = Rails.application.message_verifier('my_purpose').generate('data to sign against tampering')
+    #     Rails.application.message_verifier('my_purpose').verify(message)
+    #     # => 'data to sign against tampering'
     def message_verifier(verifier_name)
-      @message_verifiers[verifier_name] ||= begin
-        secret = key_generator.generate_key(verifier_name.to_s)
-        ActiveSupport::MessageVerifier.new(secret)
+      message_verifiers[verifier_name]
+    end
+
+    # A managed collection of deprecators (ActiveSupport::Deprecation::Deprecators).
+    # The collection's configuration methods affect all deprecators in the
+    # collection. Additionally, the collection's +silence+ method silences all
+    # deprecators in the collection for the duration of a given block.
+    def deprecators
+      @deprecators ||= ActiveSupport::Deprecation::Deprecators.new.tap do |deprecators|
+        deprecators[:railties] = Rails.deprecator
       end
     end
 
-    # Convenience for loading config/foo.yml for the current Rails env.
-    #
-    # Examples:
+    # Convenience for loading config/foo.yml for the current \Rails env.
+    # Example:
     #
     #     # config/exception_notification.yml:
     #     production:
@@ -196,13 +247,15 @@ module Rails
     #       url: http://localhost:3001
     #       namespace: my_app_development
     #
+    # <code></code>
+    #
     #     # config/environments/production.rb
     #     Rails.application.configure do
     #       config.middleware.use ExceptionNotifier, config_for(:exception_notification)
     #     end
     #
-    #     # You can also store configurations in a shared section which will be
-    #     # merged with the environment configuration
+    # You can also store configurations in a shared section which will be merged
+    # with the environment configuration
     #
     #     # config/example.yml
     #     shared:
@@ -215,6 +268,8 @@ module Rails
     #         bar:
     #           qux: 2
     #
+    # <code></code>
+    #
     #     # development environment
     #     Rails.application.config_for(:example)[:foo][:bar]
     #     # => { baz: 1, qux: 2 }
@@ -245,16 +300,17 @@ module Rails
       end
     end
 
-    # Stores some of the Rails initial environment parameters which
+    # Stores some of the \Rails initial environment parameters which
     # will be used by middlewares and engines to configure themselves.
     def env_config
       @app_env_config ||= super.merge(
-          "action_dispatch.parameter_filter" => config.filter_parameters,
+          "action_dispatch.parameter_filter" => filter_parameters,
           "action_dispatch.redirect_filter" => config.filter_redirect,
           "action_dispatch.secret_key_base" => secret_key_base,
           "action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions,
           "action_dispatch.show_detailed_exceptions" => config.consider_all_requests_local,
           "action_dispatch.log_rescued_responses" => config.action_dispatch.log_rescued_responses,
+          "action_dispatch.debug_exception_log_level" => ActiveSupport::Logger.const_get(config.action_dispatch.debug_exception_log_level.to_s.upcase),
           "action_dispatch.logger" => Rails.logger,
           "action_dispatch.backtrace_cleaner" => Rails.backtrace_cleaner,
           "action_dispatch.key_generator" => key_generator,
@@ -337,7 +393,7 @@ module Rails
     # Rails application, you will need to add lib to $LOAD_PATH on your own in case
     # you need to load files in lib/ during the application configuration as well.
     def self.add_lib_to_load_path!(root) # :nodoc:
-      path = File.join root, "lib"
+      path = File.join(root, "lib")
       if File.exist?(path) && !$LOAD_PATH.include?(path)
         $LOAD_PATH.unshift(path)
       end
@@ -358,8 +414,8 @@ module Rails
     def watchable_args # :nodoc:
       files, dirs = config.watchable_files.dup, config.watchable_dirs.dup
 
-      ActiveSupport::Dependencies.autoload_paths.each do |path|
-        File.file?(path) ? files << path.to_s : dirs[path.to_s] = [:rb]
+      Rails.autoloaders.main.dirs.each do |path|
+        dirs[path] = [:rb]
       end
 
       [files, dirs]
@@ -385,41 +441,26 @@ module Rails
     end
 
     attr_writer :config
-
-    def secrets
-      @secrets ||= begin
-        secrets = ActiveSupport::OrderedOptions.new
-        files = config.paths["config/secrets"].existent
-        files = files.reject { |path| path.end_with?(".enc") } unless config.read_encrypted_secrets
-        secrets.merge! Rails::Secrets.parse(files, env: Rails.env)
-
-        # Fallback to config.secret_key_base if secrets.secret_key_base isn't set
-        secrets.secret_key_base ||= config.secret_key_base
-
-        secrets
-      end
-    end
-
-    attr_writer :secrets, :credentials
+    attr_writer :credentials
 
     # The secret_key_base is used as the input secret to the application's key generator, which in turn
     # is used to create all ActiveSupport::MessageVerifier and ActiveSupport::MessageEncryptor instances,
     # including the ones that sign and encrypt cookies.
     #
     # In development and test, this is randomly generated and stored in a
-    # temporary file in <tt>tmp/development_secret.txt</tt>.
+    # temporary file in <tt>tmp/local_secret.txt</tt>.
+    #
+    # You can also set <tt>ENV["SECRET_KEY_BASE_DUMMY"]</tt> to trigger the use of a randomly generated
+    # secret_key_base that's stored in a temporary file. This is useful when precompiling assets for
+    # production as part of a build step that otherwise does not need access to the production secrets.
+    #
+    # Dockerfile example: <tt>RUN SECRET_KEY_BASE_DUMMY=1 bundle exec rails assets:precompile</tt>.
     #
     # In all other environments, we look for it first in <tt>ENV["SECRET_KEY_BASE"]</tt>,
-    # then +credentials.secret_key_base+, and finally +secrets.secret_key_base+. For most applications,
-    # the correct place to store it is in the encrypted credentials file.
+    # then +credentials.secret_key_base+. For most applications, the correct place to store it is in the
+    # encrypted credentials file.
     def secret_key_base
-      if Rails.env.development? || Rails.env.test?
-        secrets.secret_key_base ||= generate_development_secret
-      else
-        validate_secret_key_base(
-          ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || secrets.secret_key_base
-        )
-      end
+      config.secret_key_base
     end
 
     # Returns an ActiveSupport::EncryptedConfiguration instance for the
@@ -488,6 +529,11 @@ module Rails
       ordered_railties.flatten - [self]
     end
 
+    def load_generators(app = self) # :nodoc:
+      app.ensure_generator_templates_added
+      super
+    end
+
     # Eager loads the application code.
     def eager_load!
       Rails.autoloaders.each(&:eager_load)
@@ -567,33 +613,12 @@ module Rails
       default_stack.build_stack
     end
 
-    def validate_secret_key_base(secret_key_base)
-      if secret_key_base.is_a?(String) && secret_key_base.present?
-        secret_key_base
-      elsif secret_key_base
-        raise ArgumentError, "`secret_key_base` for #{Rails.env} environment must be a type of String`"
-      else
-        raise ArgumentError, "Missing `secret_key_base` for '#{Rails.env}' environment, set this string with `bin/rails credentials:edit`"
-      end
+    def ensure_generator_templates_added
+      configured_paths = config.generators.templates
+      configured_paths.unshift(*(paths["lib/templates"].existent - configured_paths))
     end
 
     private
-      def generate_development_secret
-        if secrets.secret_key_base.nil?
-          key_file = Rails.root.join("tmp/development_secret.txt")
-
-          if !File.exist?(key_file)
-            random_key = SecureRandom.hex(64)
-            FileUtils.mkdir_p(key_file.dirname)
-            File.binwrite(key_file, random_key)
-          end
-
-          secrets.secret_key_base = File.binread(key_file)
-        end
-
-        secrets.secret_key_base
-      end
-
       def build_request(env)
         req = super
         env["ORIGINAL_FULLPATH"] = req.fullpath
@@ -608,5 +633,14 @@ module Rails
       def coerce_same_site_protection(protection)
         protection.respond_to?(:call) ? protection : proc { protection }
       end
+
+      def filter_parameters
+        if config.precompile_filter_parameters
+          config.filter_parameters.replace(
+            ActiveSupport::ParameterFilter.precompile_filters(config.filter_parameters)
+          )
+        end
+        config.filter_parameters
+      end
   end
 end

data/lib/rails/backtrace_cleaner.rb

@@ -4,15 +4,17 @@ require "active_support/backtrace_cleaner"
 require "active_support/core_ext/string/access"
 
 module Rails
-  class BacktraceCleaner < ActiveSupport::BacktraceCleaner
+  class BacktraceCleaner < ActiveSupport::BacktraceCleaner # :nodoc:
     APP_DIRS_PATTERN = /\A(?:\.\/)?(?:app|config|lib|test|\(\w*\))/
-    RENDER_TEMPLATE_PATTERN = /:in `.*_\w+_{2,3}\d+_\d+'/
+    RENDER_TEMPLATE_PATTERN = /:in [`'].*_\w+_{2,3}\d+_\d+'/
 
     def initialize
       super
-      @root = "#{Rails.root}/"
       add_filter do |line|
-        line.start_with?(@root) ? line.from(@root.size) : line
+        # We may be called before Rails.root is assigned.
+        # When that happens we fallback to not truncating.
+        @root ||= Rails.root && "#{Rails.root}/"
+        @root && line.start_with?(@root) ? line.from(@root.size) : line
       end
       add_filter do |line|
         if RENDER_TEMPLATE_PATTERN.match?(line)
@@ -23,5 +25,18 @@ module Rails
       end
       add_silencer { |line| !APP_DIRS_PATTERN.match?(line) }
     end
+
+    def clean(backtrace, kind = :silent)
+      kind = nil if ENV["BACKTRACE"]
+
+      super(backtrace, kind)
+    end
+    alias_method :filter, :clean
+
+    def clean_frame(frame, kind = :silent)
+      kind = nil if ENV["BACKTRACE"]
+
+      super(frame, kind)
+    end
   end
 end

data/lib/rails/cli.rb

@@ -6,12 +6,14 @@ require "rails/app_loader"
 # the rest of this script is not run.
 Rails::AppLoader.exec_app
 
-require "rails/ruby_version_check"
 Signal.trap("INT") { puts; exit(1) }
 
 require "rails/command"
-
-if ARGV.first == "plugin"
+case ARGV.first
+when Rails::Command::HELP_MAPPINGS, "help", nil
+  ARGV.shift
+  Rails::Command.invoke :gem_help, ARGV
+when "plugin"
   ARGV.shift
   Rails::Command.invoke :plugin, ARGV
 else

data/lib/rails/command/actions.rb

@@ -10,23 +10,21 @@ module Rails
         Dir.chdir(File.expand_path("../..", APP_PATH)) unless File.exist?(File.expand_path("config.ru"))
       end
 
-      def require_application_and_environment!
-        require_application!
-        require_environment!
-      end
-
       def require_application!
         require ENGINE_PATH if defined?(ENGINE_PATH)
+        require APP_PATH if defined?(APP_PATH)
+      end
 
-        if defined?(APP_PATH)
-          require APP_PATH
-        end
+      def boot_application!
+        require_application!
+        Rails.application.require_environment! if defined?(APP_PATH)
       end
 
-      def require_environment!
-        if defined?(APP_PATH)
-          Rails.application.require_environment!
-        end
+      def load_environment_config!
+        require_application!
+        # Only run initializers that are in the :all group, which includes the
+        # :load_environment_config initializer.
+        Rails.application.initialize!(:_) if defined?(APP_PATH)
       end
 
       if defined?(ENGINE_PATH)